achieving traceable compliance using the ampersand method open university of the netherlands touw...
TRANSCRIPT
Achieving Traceable Compliance using the Ampersand Method
Open University of the Netherlands
TouW gathering March 6th 2010
Henriëtte Sangers
Different aspects research
Compliance
Business Ontologies
AmpersandMethod
IT systems development
GAP
Mind the Gap
Compliance
Follow rules Obedience
Do the right thing Respect others
The limits of our language mean the limits of our world
Wittgenstein (1922)
Two Gaps in IT Systems Development
1. Different use of concepts – misunderstandings about desired functionality
2. Wrong implementation of correctly understood desired functionality
Contribute to the bad track record of IT projects
The importance of being…an OU student
Usually you are older…what’s so great about that?
Let’s try: more mature? More experienced?=> If you work in IT: you saw the gap
If you really want to know the gap cross it!=> Use the opportunities to experience the other side
Chance to get better understanding of mutual dependency Business - IT
Compliance
Organisations operating according to rules and regulationsset for this type of organisation.
Financial World
Barings
IceSave
ING
New regulations to restore public trust in the financial system:
People, procedures and IT-systems all need to be compliant!
- Basel II- SOx- MIFID- CDD
Lehman Brothers
ABN AMRO
=> Focus now on ‘getting it right’
Compliance Challenge
Adapt to rapidly changing ruling in a competitive market• stay flexible• change at low costs
Specific difficulties compliance:• translating compliance ruling into measures for organisation• many rules and regulations from different sources • traceability - ‘proving’ compliance
Compliance Challenge - surveys
Mercury US and European businesses expect a large part of IT budgets will go to compliance projects in the coming years
Deloitte and ToucheComplexity of IT environments is seen as a major impedimentin compliance projects
GartnerOrganisations can experience a competitive advantage by handling compliance issues more efficiently than others
The Ampersand Method I
Rule based Business Process Management
Stef Joosten
Formal approach to IT systems development
Succeeds / incorporates:• Calculating with Concepts: finding and verifying business rules• ADL (A Description Language): capturing business rules
building blocks:• Concepts: entities which are important to users• Relations: associations between concepts• Rules: invariants, represent business logic
The Ampersand Method II
Business processes are derived from business rules, not built with them.
Based on relation algebra, can be used to: • Get clarity about specifications (cycle chasing) • Specifying and even generating IT systems which can be proven to implement business logic (as in business rules) correctly.
Bridging the Gap: Ontologies
How to represent the real world: ontologies, the silver bullet?
Everybody his own ontology: solving problems or raising misunderstandings to a higher level?
Why use ontologies in IT:• Enabling common understanding: sofa/couch, property/attribute• Reuse domain knowledge• Make domain knowledge explicit, support analysis
Long history in IT Systems Analysis and Design (ISAD), a.o. Bunge-Wand-Weber representation model
Use of Ontologies in IT
Applications: information integration, P2P information sharing, web service composition, ambient intelligence, web navigating and querying (Marktplaats)
Recent developments in the area of automated concept matching and ontology integration
Ampersand, Business Ontologies
and Compliance • Business (compliance) rules can be used directly, no need to program business processes• All business (compliance) logic in one place, easy to check by users and auditors• Mathematical prove that functionality matches business (compliance) rules can be provided• Business ontologies easy to use with Ampersand, help bridge the gap between compliance ruling and business concepts
Research at Purdue University CERIAS program: Center for Education and Research in Information Assurance and Security
Articles on: • traceable and flexible compliance with privacy ruling• use of ontologies to support common understanding of concepts
Computer Science Research group dedicated to: Digital Identity Management and Protection
Articles Purdue University
Examples:
• Traceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management. 6th Workshop on Privacy Enhancing Technologies. Cambridge University UK, 2006.
• Achieving Privacy in Trust Negotiations with an Ontology-Based Approach. IEEE Transactions on Dependable and Secure Computing, January-March 2006
The Case Federated environment of medical service providers and patients Automated exchange of patients’ information among service providers Compliance with patients’ privacy preferences Breaches of trust need to be traceable
Other requirements:• common understanding of concepts (medical, privacy preferences)• automated matching of concepts• flexibility and traceability
Purdue Solution I
1. Check isMoreStrict2. A. Privacy preference templates PPx stricter than Ppy if x < y
Purdue Solution II
3. Check logging - trace back
2. B. Customized privacy preferences More complex checks / ordening.
Ampersand SolutionConcepts, Relations and Rules
• Concepts: entities which are important to usersCONCEPT "Participant" "party in federated service network, person or service provider."CONCEPT "PrivacyPreference" "a policy statement about how to deal with information"CONCEPT "Data" "the type of data that can be stored of a person."
• Relations: associations between conceptsbelongsTo :: PrivacyPreference => Participantsubsumes :: PrivacyPreference * PrivacyPreference [TRN,ASY] PRAGMA "" " subsumes, is less strict than “requestsInformationFrom :: Participant * Participant
• Rules: invariants, represent business logicrequestsInformationFrom -: (hasPrivacyPreference; hasPrivacyPreference~) \/ (hasPrivacyPreference; subsumes~; hasPrivacyPreference~) EXPLANATION "Information can only be requested from a party with an equally or less strict privacy policy."
Ampersand Solution - base
x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x xxx x x x x x x x x x x x x x x xx x x x x x x x x x x x x x x x x x x x x xxxx x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x
requestsInformationFrom -: (hasPrivacyPreference; hasPrivacyPreference~) \/ (hasPrivacyPreference; subsumes~; hasPrivacyPreference~)
possible occurrencesallowed occurrencesactual occurrences
Ampersand Solution - flexibility
x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x xxx x x x x x x x x x x x x x x xx x x x x x x x x x x x x x x x x x x x x xxxx x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x
requestsInformation -: ((belongsTo~; hasPurpose; subsPurpose~; hasPurpose~) /\ (belongsTo~; refersToData; subsData~; refersToData~)) \/ (permissionTo~; permissionConcerns)
possible occurrencesallowed occurrencesspecial permissionactual occurrences
Ampersand - ontologies
subsPurpose :: Purpose * Purpose [TRN,ASY] PRAGMA "" " subsumes, is less strict than" = [ ("General-purpose", "Treatment") ; ("General-purpose", "Insurance") ; ("General-purpose", "Research") ; ("Research", "Teaching") ; ("Research", "Development") ; ("Research", "Marketing") ].
Ampersand - ontology integration
x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x xxx x x x x x x x x x x x x x x xx x x x x x x x x x x x x x x x x x x x x xxxx x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x
requestsInformationFrom -: hasPrivacyPreference; hasPurpose; subsPurpose~; hasPurpose~; hasPrivacyPreference~ EXPLANATION "Information can only be requested from a party with an equally or less strict purpose policy."
possible occurrencesallowed occurrencesout of bound occurrences
Ampersand - screen
Solutions Compared
AmpersandPurdue
•programming business processes •deriving business processes from rules
•business logic in systems coding •business logic in rule base
•mathematical prove provided•mathematical prove not provided
•more familiar to most IT staff •less well known
Conclusions I
Ampersand method offers advantages in achieving compliance in IT
• business rules used directly to generate IT system• all business logic in one place, easy to check• correct implementation can be proven
Business ontologies enhance usability Ampersand• easy to integrate with Ampersand / ADL• help bridge gap between compliance- and business concepts• allow combination of rule patterns / compliance patterns
Conclusions II
Advantages Ampersand method combined with business ontologies reach beyond compliance
• help get clarity about desired functionality• less discussion about implementation issues• increase IT developers productivity• enhance flexibility
Further Research
Automated matching of business logic and (compliance) ruling, supported by business ontologies
Generating a ‘compliance certificate’ based on correct matching of compliance ruling and business concepts
Integrating Ampersand compliance- and business rule patterns to offer extended functionality in IT systems development
Master Thesis Choose a subject you like, after all you are stuck with it!
QUESTIONS?
Watch out for dependencies
Choose a subject which is doable in the time you want to spend
Combine with job or join existing research, take into account:• Level of freedom• Academic level• Time efficiency
Say good bye to your friends and go for IT!